91亚色


VMware vCenter Server heap-overflow vulnerability (CVE-2024-38812)

 


 

Service Advisory


Broadcom has released new patches for a previously identified critical vulnerability (CVE-2024-38812) that attackers can exploit to gain remote code execution on unpatched servers via a network packet.

 

CVSS Score:
9.8/Critical

 

Description:
VMware vCenter Server is a central management platform for VMware vSphere, enabling the management of virtual machines and ESXi hosts. CVE-2024-38812 is a heap-overflow vulnerability in the implementation of the . A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet, potentially leading to remote code execution.

 

Affected Versions:

vCenter Server versions 7.0, 8.0

Cloud Foundation versions 4.x and 5.x

 

Impact:

This vulnerability, if exploited, could lead to remote code execution.

 

Resolution:

Apply the new patches listed in the advisory below.

 

Reference:

 

UIT Information Security

 


Contact

Client Services at askit@yorku.ca or 416 736 5800

 

This email was sent by: 91亚色, 4700 Keele Street, Toronto, Ontario M3J 1P3
